iac
/
docker-bootstrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: iac:6051fda1dbf3b9c588f285a11dd607a296675637
Branches Tags
iac:main
..
compare: iac:9ec1082d2ce4453725f532ffddff6ba7bfb326c4
Branches Tags
iac:main

7 Commits
6051fda1db ... 9ec1082d2c

Author SHA1 Message Date
Kameron Kenny 9ec1082d2c fix grep 2024-12-18 14:47:12 -05:00
Kameron Kenny c203a0727a make sure running as root. 2024-12-18 14:44:03 -05:00
Kameron Kenny f16b5de7f6 configure daemon 2024-12-18 14:41:44 -05:00
Kameron Kenny 220d4e27ca configure daemon 2024-12-18 14:21:25 -05:00
Kameron Kenny 1052ccf386 apt 2024-12-18 14:15:42 -05:00
Kameron Kenny 796808bfd2 cleanup 2024-12-18 14:15:22 -05:00
Kameron Kenny 1af1ae6b9f generate name based nfs mount 2024-12-18 14:13:53 -05:00
7 changed files with 58 additions and 8 deletions
Show Stats Expand all files Collapse all files

9
0_nfs.sh Normal file → Executable file
View File

@ -1,6 +1,11 @@
#!/bin/bash #!/bin/bash
# #
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt update -qy apt update -qy
apt -qy install nfs-common apt -qy install nfs-common
@ -19,11 +24,11 @@ function install_nfs_mnt() {
check_dir '/var/lib/docker/volumes' check_dir '/var/lib/docker/volumes'
echo "installing nfs mount." echo "installing nfs mount."
echo '10.200.99.231:/volume1/docker/volumes /var/lib/docker/volumes nfs auto,_netdev,x-systemd.automount 0 0' >> /etc/fstab echo "10.200.99.231:/volume1/docker/$(hostname -s)/volumes /var/lib/docker/volumes nfs auto,_netdev,x-systemd.automount 0 0" >> /etc/fstab
systemctl daemon-reload systemctl daemon-reload
} }
grep '/var/lib/docker/volumes' >/dev/null || install_nfs_mnt grep '/var/lib/docker/volumes' /etc/fstab 2>/dev/null || install_nfs_mnt
echo ">>>>>>>>>> mounting" echo ">>>>>>>>>> mounting"
mount -a mount -a

11
1_setup_docker_apt_repo.sh
View File

@ -1,10 +1,15 @@
#!/bin/bash #!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
# REF:https://docs.docker.com/engine/install/debian/#install-using-the-repository # REF:https://docs.docker.com/engine/install/debian/#install-using-the-repository
# Add Docker's official GPG key: # Add Docker's official GPG key:
apt-get update apt -y update
apt-get install ca-certificates curl gnupg apt -y install ca-certificates curl gnupg
install -m 0755 -d /etc/apt/keyrings install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
@ -14,4 +19,4 @@ echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update apt -y update

7
2_install_docker_pkgs.sh
View File

@ -1,3 +1,8 @@
#!/bin/bash #!/bin/bash
apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

9
3_users.sh Normal file → Executable file
View File

@ -1,13 +1,18 @@
#!/bin/bash #!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
grep jenkins /etc/group >/dev/null 2>&1 || groupadd jenkins && echo 'jenkins group exists' grep jenkins /etc/group >/dev/null 2>&1 || groupadd jenkins && echo 'jenkins group exists'
grep jenkins /etc/passwd >/dev/null 2>&1 || useradd jenkins -g jenkins -G docker -m && echo 'jenkins user exists' grep jenkins /etc/passwd >/dev/null 2>&1 || useradd jenkins -g jenkins -G docker -m && echo 'jenkins user exists'
[[ ! -d '/home/jenkins/.ssh' ]] && mkdir /home/jenkins/.ssh || echo '/home/jenkins/.ssh exists' [[ ! -d '/home/jenkins/.ssh' ]] && mkdir /home/jenkins/.ssh || echo '/home/jenkins/.ssh exists'
grep 'jenkins@localhost.thelinuxpro.net' >/dev/null 2>&1 || echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZzcq/InUD3bbrVC+7HzIjhaiz8Nc21ZO1Wu6OsVijs jenkins@localhost.thelinuxpro.net' >> /home/jenkins/.ssh/authorized_keys grep 'jenkins@localhost.thelinuxpro.net' /home/jenkins/.ssh/authorized_keys >/dev/null 2>&1 || echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZzcq/InUD3bbrVC+7HzIjhaiz8Nc21ZO1Wu6OsVijs jenkins@localhost.thelinuxpro.net' >> /home/jenkins/.ssh/authorized_keys
chown -R jenkins.jenkins /home/jenkins/.ssh chown -R jenkins:jenkins /home/jenkins/.ssh
chmod -R 0700 /home/jenkins/.ssh chmod -R 0700 /home/jenkins/.ssh
usermod -a -G docker kkenny usermod -a -G docker kkenny

5
4_provision_networks.sh
View File

@ -1,5 +1,10 @@
#!/usr/bin/env bash #!/usr/bin/env bash
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
ip link set eth0 promisc on ip link set eth0 promisc on
docker network inspect infra_dev_net >/dev/null 2>&1 || \ docker network inspect infra_dev_net >/dev/null 2>&1 || \

19
5_config_docker.sh Executable file
View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
mkdir -p /etc/docker
cat << EOF >> /etc/docker/daemon.json
{
"insecure-registries" : [ "docker-registry1.in.thelinuxpro.net:5000" ],
"log-driver": "syslog",
"log-opts": {
"syslog-address": "udp://syslog.in.thelinuxpro.net:5514",
"tag": "{{.ImageName}}/{{.Name}}"
}
}
EOF

6
99_upgrade.sh Normal file → Executable file
View File

@ -1,4 +1,10 @@
#!/bin/bash #!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "This script must be run as root." >&2
exit 1
fi
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt update -qy apt update -qy